We are growing fast as a company and do our best to bring our SaaS cloud-based backup services to the global audience. 

Our platform is designed to provide customers with an immutable historical archive of their primary data in systems such as Microsoft 365, Google Workspace, Salesforce, Entra ID, Dynamics 365, and Zendesk. It aims to protect them against everything, starting from ransomware to simple accidents. 

Most of our back-end components are written in clean, modern C++ using mainly purpose-built components and STL. Several components that deal with business processes and data mining are built using Common Lisp. Everything runs on Linux. 

Backing up billions of objects over foreign APIs using imperfect networks on systems with finite memory and making it all happen in as little time as possible is no small feat. 

We are a product-centered company, and cybersecurity is one of our main priorities.

If you think solving complex problems is fun, we have strong indications that we will not run out of challenging problems any time soon. Come join us for the fun!

Primary Responsibilities:

• Develop and optimize SIEM rules, fine-tuning alerts to reduce false positives

• Create and maintain playbooks for incident handling and ensure knowledge transfer to manager analysts

• Working on connecting new log sources, log optimization, and parsing.

• Perform threat hunting, root cause analysis, and forensics

• Lead incident response efforts and coordinate across IT, security, and management teams

• Act as a spare SOC engineer

Skills and Qualifications:

• 4+ years of experience in SOC environments or equivalent (monitoring)

• Obligatory expertise in SIEM solutions (MS Sentinel, Wazuh) with demonstrated ability to create, optimize, and manage rules

• Hands-on experience with malware analysis, reverse engineering, and forensics.

• Advanced knowledge of incident response frameworks (NIST, SANS) and tools (e.g., EDR, IDS, IPS, centralized antivirus etc.)

• Strong knowledge of security standards (ISO 27001, NIST) and ability to map them to incident handling procedures

• Leadership and mentorship skills, with a proven track record of training and upskilling junior analysts

• Relevant certifications: CSA, CISSP, GIAC, OSCP, CEH, or equivalent will be an advantage

A fair and transparent recruitment process

During the recruitment process, you can expect the following stages:

CV screening, Recruitment interview, Recruitment feedback review, Technical interview, Technical task (optionally),  and Final interview.

You will be assessed according to the criteria below:  

      Technical Skills:

• Incident Response: Proficient in investigating, analyzing, and mitigating complex security incidents.

• Threat Hunting: Hands-on experience with proactive threat hunting methodologies and tools.

• Forensic Analysis: Skills in endpoint, network, and memory forensic investigations.
  Malware Analysis: Capable of conducting static and dynamic malware analysis.

• SIEM Mastery: In-depth knowledge of SIEM platforms (e.g., MS Sentinel, Wazuh, including rule creation, query optimization, and reporting.

• Automation: Familiarity with SOAR platforms and scripting (Python, Bash, PowerShell) for automating routine tasks.

• Threat Intelligence: Ability to operationalize threat intelligence and correlate indicators with incidents.
  
  Soft Skills:

• Analytical and Problem-Solving Skills: A systematic approach to identifying and resolving complex issues.

• Teamwork and Collaboration: Proven ability to work effectively in cross-functional teams.

• Communication Skills: Capability to communicate technical details clearly to non-technical stakeholders.
  
  Language:  

• English is a preferred language, and we expect you to be fluent in it, both written and spoken.
  
  Logical Thinking:
  

• Structured Problem Solving: Ability to break down complex security issues into actionable steps.

• Decision-Making Skills: Making informed and reasoned decisions under pressure.

• Pattern Recognition: Identifying unusual patterns and behaviours in data or systems.

• Scenario-Based Thinking: Proficiency in simulating and analyzing hypothetical threat scenarios.

We offer:

• Competitive salary.
• Pension scheme.
• A modern, energetic global work environment.
• Flexible work-life balance supported by a hybrid working model.
• Regular team-building activities.
• Opportunities for professional development and career advancement.
• Compensation is based on experience and skill set.

About Us:

Founded in 2007, Keepit is a global leader in SaaS data backup. Headquartered in Copenhagen, Denmark, we operate across Europe, the US, Australia, and New Zealand. Our vendor-neutral backup solutions ensure that customer data is securely stored in our own resilient data centres.

Recognised as a Leader in Forrester’s New Wave for SaaS Data Protection, Keepit stands out for its broad coverage, usability, security, privacy, and innovative roadmap.

We kindly ask you not to provide us with any sensitive categories of personal data when applying for a job with us. When applying for the vacancy, Keepit will process your personal data, and therefore we recommend that you also read our privacy policy, which describes our processing of personal data and your rights as a data subject.

If you notice any misconduct or irregularities that fall within the scope of our whistleblowing procedure, please click here to report them.